Latest Server related questions

Score: 0
Bartek Walkowski avatar
Azure App Proxy with onPremise RDS SSO only with AzureAD
jo flag

My client have Azure Active Directory with synchronized their onPremise Active Directory. We want to provide him Remote Desktop Services behind Azure App Proxy from dedicated onPremise Active Directory in our infrastructure.

So client have domain named contoso.com. We want create onPremise AD named private.local

We want provide Authentication to RDS in onPremise domain private.local only with crede ...

Score: 1
Shaamaan avatar
Docker container running gMSA whilst having admin permissions
ru flag

I'm trying to set up a Docker container for our DevOps pipelines. I've... almost got it all.

Right now I've got a Windows-based container which:

  1. has pre-installed SDKs, Java and the like
  2. can manipulate (start, stop, build) docker containers
  3. can access our network shares

The problem is that I can't get points 2) and 3) to be available simultaneously. To enable 3) I've had to prepare a group managed ser ...

Score: 0
Islantay avatar
Wireguard - How to use wireguard for outbound only
mz flag

I would like to run Wireguard vpn on my server to take advantage of another server's good routing. But of course I don't want Wireguard to take over my inbound traffic for ssh,hosted services etc.

Does anyone know how do I use Wireguard for outbound traffic only?

Score: 1
mario ruiz avatar
fail2ban ingest IPs from AbuseIPDB
jp flag

In the same way, we report IPs for AbuseIPDB IPs, is there a way to use their DB of IPs to Ban IPS using fail2ban?

I went through this tutorial

https://www.abuseipdb.com/fail2ban.html

And it works to report IPs. But I would like to improve this process by adding the AbuseIPDB IPs to my host so I can share IPs in both ways. Is that feasible?

Thanks

Score: 0
Paul avatar
IIS 10 bindings. A domain runnning on http and another running on https for same website issue
br flag

So I have a website configured with these bindings (fictional domains / ip addresses here):

http sub.domain.com   port 80    ip 1.2.3.4
http www.somedomain.com port 80  ip 2.2.3.3

Everything works fine, both domains work with the website, however if I add a new https binding to ONE of the domains:

https www.somedomain.com  port 443  ip 2.2.3.3

That messes up the sub.domain.com website. When I go to  ...

Score: 0
Dan avatar
Isolated non-syncing RODC
cn flag
Dan

We have a multi-site active directory setup, with one of the sites only containing read only domain controllers.

Due to a new remote site coming online, new site links and link bridges were created as the new site was not fully routed. There was a misunderstanding about how the site-link bridges operated - as a result these site link changes replicated to the RODC only site. There is now a large  ...

Score: 0
Domain Certificate Authority Role On None Domain Controller
cn flag

I am setting up a new domain and I need to setup a Root CA and a Certificate Authority to hand out certificates to domain computers as well as to handle certificate actions and secure communications. I have installed it onto a Member Server for my Server 2019 domain separate from any of my Domain Controllers as I understand that is not a best practice. But when I go to pull new certificates on my Domain ...

Score: 4
MyUserName avatar
Windows Server 2019 randomly changes time and date to incorrect values
in flag

In the last two months, we have got quite a few issues with the server time and date occasionally changing to some absolute random values. Sometimes it is a few days in the future or past, sometimes - even several months.

We have got the problem on several VMs, so it is not the problem with one VM unfortunately.

We run Windows Server 2019 (Version 1809 OS Build 17763.3406) on Amazon EC2. We synced  ...

Score: 1
Lightsong avatar
Trouble setting up a simple SSH VPN to bypass a firewall
au flag

I have a small test network composed of two LANs connected via a firewall, with Linux hosts(containers). This firewall is set up to block certain websites from being accesed from within the B LAN, and as such I want to check out ways of bypassing said firewall.

For this, I know that both A and B are SSH servers (which allow root login, tunneling etc. for testing purposes), and moreover that A has set up  ...

Score: 0
Jason is a robot avatar
Routing connection to Azure DB through StrongSwan IPSec site-to-site tunnel
in flag

I have a Linux Strongswan IPSec site-to-site connection up and stable to an Azure Cloud Network, I'm trying to route an sql connection with a python script through the tunnel to an Azure database in the clients network but I keep getting timed out responses and I can't tell if the connection attempts are going through the tunnel. Part of my python script is trying to resolve the address to the IP but I ...

Score: 0
aolszowka avatar
Docker Multi-Platform Multi-Stage Build For ARMv6
in flag

I am trying to build rtlamr and rtlamr-collect in Docker and then using a multi-stage build copy the outputs to reduce file sizes. I am trying to target a Raspberry Pi 1 B+ which is a low powered ARMv6 SBC.

dockerfile:

FROM golang:latest AS build
RUN CGO_ENABLED=0 GOOS=linux go install github.com/bemasher/rtlamr-collect@latest
RUN CGO_ENABLED=0 GOOS=linux go install github.com/bemasher/rtlamr@latest

 ...
Score: 0
sam23 avatar
php and apache not seeing anything in there defined tmp dirs
cn flag

How to check logs for non application 500s?

we have standard php and apache but not seeing anything in there defined tmp dirs

I have actually 2 issues one is routing logs for https://www.test.com

other is that the '/tmp/' or our dev on system currently is writing to a private system dir

e.g. /tmp/systemd-private-840c0bc8008041628bfc86e69a7bb944-httpd.service-z3oDEZ/tmp/

our old server wrote to '/tmp/' ...

Score: 0
Mardaker avatar
Uneven cpu utilization linux dual socket server
mg flag

Recently I noticed on two of our servers strange distribution of tasks. Both servers are dual cpu EPYC 7402 physically the same platforms, running the same tasks, differ in numa configuration, kernel and ubuntu.

Server 1 configuration and load:

Linux sv-marmoset222 5.15.0-46-generic #49~20.04.1-Ubuntu SMP Thu Aug 4 19:15:44 UTC 2022 x86_64 x86_64 x86_64 GNU/Linux
Architecture:                    x86_6 ...
Score: 3
Soruk avatar
ESXi 7.0.3 unable to start VM after a cancelled export
kp flag

I cancelled the export of a VM via ovftool when I realised the partition it was being dumped to wasn't going to be big enough. As a direct result of this, the VM cannot be powered on, with the surprising error

Failed - The attempted operation cannot be performed in the current state (Powered off).

Googling this error gives me nothing, the closest matches on the VMware KB refer to "Powered on", wh ...

Score: 1
John-H avatar
How to use puppet-apache mod (v8.3.0) with hiera?
cw flag

Queston: Using the roles & profiles method, is it possible to use 'puppetlabs-apache', '8.3.0' with a hiera lookup?

Context:

  • I am using mod 'puppetlabs-apache', '8.3.0' to configure an apache server. I have a large number of apache re-write rules for various sites.

  • Each site is configured hiera, e.g hiera.yaml:

     paths:
        - site/%{::site}.yaml
        - role/%{::role}.yaml
    
  • where a webapp.pp role inst ...

Score: 0
yondkoo avatar
Can a VirtualBox instance that has a bridge network on it access another network?
gp flag

First of all, I'm really sorry if I am asking a super dump question. I've searched everything on the internet but couldn't find the right answer.

I'm building a K8S cluster on VirtualBox using Vagrant. All instances are successfully configured to the network (192.168.57.1 "my physical router, and the physical server has connected with it"). My laptop has connected to the same router but in a diff ...

Score: 0
Is it possible to ssh directly between jump targets
vn flag

Situation

One jumphost: j
Two target servers: s & d

What (if it's possible) would I have to do on j, s & d to be able to on s do:

scp -r foo d:/tmp/foo

both s & d are reachable from j via ssh, but j does not, itself, run an ssh server.

Score: 0
Yair avatar
Can I seperate SCP and SSH login, using different ports and different users?
kw flag

I want to separate SCP to be on a different TCP port than the regular port 22.

Using this port, a user should only be able to run SCP commands but not to do a regular SSH login. That user would not have access to regular SSH login on port 22, and vice versa.

Is that possible?

Score: 1
Wisseo avatar
Exchange 2016: high amount of send connectors problematic?
gf flag

On an Exchange 2016 we would like to configure different security settings for approx. 250 Domains (Limit non delivery reports to these). A solution might be to configure a separate send connector for each of these domains.

  • Is there a problem configuring this amount of send connectors - maybe performance problems?
  • Is there a better way to achieve this than more send connectors?

Thanks for any advi ...

Score: 0
pnuts.93 avatar
Physical shutdown through power button required on Ubuntu 20.05.5 Server after reboot
cc flag

Further elaborating what the title says: basically I have an Ubuntu 20.05.5 bare metal server that I am renting from a third party provider.
Every time I run a generic software update that includes kernel modules, I also need to reboot the machine: after I give the command sudo reboot, of course I am kicked out of the server, but the problem is, after waiting several minutes for it to come back o ...

Score: 0
Adelmo Silva avatar
Playbook to extract hosts from /etc/hosts
hk flag

I need help extracting hosts informations from /etc/hosts file and exporting that content to a predefined file. I created a Ansible's Playbook to this task, but the content is not written on the output file. Do you guys, can help me, please?

Following Playbook:

- hosts: sigt-temp 
  become: yes
  become_user: root
  gather_facts: yes
  
  tasks:
  
    - name: Collecting Data
      shell:
        cmd:  ...
Score: 1
nezumi avatar
Raid 5 array won't assemble after 1 drive's partition table was wiped
mh flag

This is my first post/question here, so please bear with me.

I have an issue with my system where my existing raid5 array won't assemble. This occurred after I inadvertently wiped the partition table of the first disk in the array.

The system was set up a while ago with two raid arrays across 4 identical 4Tb disks - a 2Tb effective/4Tb disk space raid 1 array (md0), intended for home backups, and an ...

Score: 0
relet avatar
Alternatives to ansible-pull
us flag

I have a number of systems that need configuration/updates, while being offline for long periods of time. They therefore need to contact a configuration system on boot, and in regular intervals and apply their updates in a pull fashion.

I have some experience with ansible-pull/mitogen for the purpose, but I was surprised that I could not find any pull-based mechanisms in similar management system ...

Score: 0
csandreas1 avatar
Rsync often stacks while I am connected to VPN through wsl
in flag

From time to time while running rsync command through wsl, it stacks, and I need to run it again. This only happens while I am connected to VPN. Not sure why this happens

RSYNC_COMMAND=avAXEWSlHhz

rsync -${RSYNC_COMMAND} --timeout=3 --chmod=ugo=rwX --delete --exclude-from="${EXCLUDE_FILES}" ${LOCAL_FOLDER} -e "ssh -i ${INDENTITY_KEY}" ${USERNAME}@${DEV_SERVER}:${REMOTE_FOLDER}

Output:

sending in ...
Score: 3
Harsha K avatar
GCP : Monthly VM Uptime report in percentage
bv flag

The VMs in our environments are using only internal networks , which consist of both Linux and Windows flavours. Our requirement is to take the monthly report which gives the data of the VM uptime in percentage.

Please suggest if already the solution exists.or suggest steps to get the uptime percentage of the VMs

Score: 0
uberrebu avatar
nginx redirect multiple server names with non-standard port in url
bv flag

I have an endpoint like https://app1.company.com:5555 and will like to be able to browse the website with the port number in the url for all pages and also be able to browse without the port number at let say the other server_name of https://dev-app1.company.com

so for example https://app1.company.com:5555/tag/general , https://dev-app1.company.com/categories/ulmighty should all work

how do I get  ...

Score: 1
Rino Bino avatar
Jenkins agent is not honoring hudson.TcpSlaveAgentListener.hostName
us flag

Background / Environment:

Jenkins 2.3x on Ubuntu 20.04

I am trying to use a Jenkins Agent installed on the same system as Jenkins server. Ideally it will connect to just "localhost" when talking to the Jenkins controller.

Jenkins sits behind a reverse proxy which requires 2FA auth (using the official plugin).

If a reason for me using this local agent is needed, it's because having a standalone agen ...

Score: 0
berinaniesh avatar
Shrink one of the disks in a multi device BTRFS filesystem
ug flag

My root partition is running out of space and I have no other SATA slots. I have a BTRFS raid0 and I would like to shrink one of the partitions I used for the BTRFS-raid0 and add it to the root partition (make it raid0). How can I do that?

The layout is as follows:

  • /dev/sda
    • sda1 - 500M - EFI - /boot
    • sda2 - 10G - Root - /
    • sda3 - 455.3G - btrfs-raid0-disk0 - /data
  • /dev/sdb - 465.8G - btrf ...
Score: 1
caiofreitasx avatar
NGINX Buffer parameters causing issues with Python requests library
cx flag

'm having problems uploading files through the Python requests library when I activate the parameters below in my NGINX proxy (where the connection goes)

proxy_buffering off;

proxy_request_buffering off;

Through curl I can successfully upload:

  • It returns HTTP/200 on authentication, then HTTP/307 pro redirect through NGINX proxy and HTTP/201 to inform that the file was created successfully.

Throu ...

Score: 1
hando han avatar
Is it bad idea that all user and all devices connect to one WireGuard VPN interface?
ca flag

I have few knowledge for network, I need some basic advice.

On my business domain, users is facility manager or system installer. There are not many users and they can have some responsibility for security.

My devices are made by Raspberry Pi that use Web GUI to control. But it is only used when it installed, few hours, no heavy traffic.

I think VPN is enough to handle this with following network descr ...

The Stunning Power of Questions

Much of an executive’s workday is spent asking others for information—requesting status updates from a team leader, for example, or questioning a counterpart in a tense negotiation. Yet unlike professionals such as litigators, journalists, and doctors, who are taught how to ask questions as an essential part of their training, few executives think of questioning as a skill that can be honed—or consider how their own answers to questions could make conversations more productive.

That’s a missed opportunity. Questioning is a uniquely powerful tool for unlocking value in organizations: It spurs learning and the exchange of ideas, it fuels innovation and performance improvement, it builds rapport and trust among team members. And it can mitigate business risk by uncovering unforeseen pitfalls and hazards.

For some people, questioning comes easily. Their natural inquisitiveness, emotional intelligence, and ability to read people put the ideal question on the tip of their tongue. But most of us don’t ask enough questions, nor do we pose our inquiries in an optimal way.

The good news is that by asking questions, we naturally improve our emotional intelligence, which in turn makes us better questioners—a virtuous cycle. In this article, we draw on insights from behavioral science research to explore how the way we frame questions and choose to answer our counterparts can influence the outcome of conversations. We offer guidance for choosing the best type, tone, sequence, and framing of questions and for deciding what and how much information to share to reap the most benefit from our interactions, not just for ourselves but for our organizations.